Threat actors are leveraging the popularity of CapCut, a widely used video editing app, to execute a sophisticated phishing campaign aimed at stealing Apple ID credentials and credit card information.

The phishing campaign begins with a spoofed email impersonating a legitimate company that provides disability and health equipment. The email contains a link to a fake invoice hosted on script[.]google[.]com, a legitimate Google domain.

A sophisticated phishing campaign has been uncovered that impersonates Coursera and offers a free Meta Social Media Marketing certificate to lure victims into a multi-stage phishing trap.

A sophisticated phishing campaign is targeting Apple Pay and Yahoo users. It leverages realistic email and web page impersonations to steal sensitive credentials, financial data, and personal information.

Threat actors are increasingly leveraging blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages that bypass Secure Email Gateways (SEGs) and evade automated analysis.

A new phishing tactic known as Precision-Validated Phishing is being leveraged by cybercriminals to enhance the effectiveness of credential theft campaigns. This technique uses real-time email validation.

A recent phishing campaign has been uncovered targeting Spotify users through a spoofed email that mimics official Spotify communications. The attackers embedded legitimate Spotify URLs within the email to lend credibility.

A recent phishing campaign exploits the timing of Q1 evaluations by impersonating internal HR communications to deceive employees. The campaign culminates in credential theft via a spoofed Microsoft login page.

A sophisticated phishing campaign is targeting individuals seeking U.S. travel authorization by impersonating the U.S. Customs and Border Protection (CBP) and the Electronic System for Travel Authorization (ESTA).

A recent phishing campaign leverages a dual-threat strategy combining credential harvesting and malware delivery. Disguised as a file deletion alert, the attack exploits user trust to deploy the ConnectWise RAT or steal Office365 credentials.